Privacy, Big Brother (State and Corporate) and the 4th & 9th Amendments

[Crafty_Dog]

All:

I suppose I could have put this very important topic on the Political Forum,  but I have decided to put it here where I am hoping it will get the attention it deserves.

Marc
=====================

http://www.freep.com/apps/pbcs.dll/a...=2007701080415

Quote:
U.S. may check Web use
Privacy advocates challenge push to track sites visited
January 8, 2007
BY JOHN REINAN
MCCLATCHY NEWSPAPERS

The federal government wants your Internet provider to keep track of every Web site you visit.
For more than a year, the Justice Department has been in discussions with Internet companies and privacy rights advocates, trying to come up with a plan that would make it easier for investigators to check records of Web traffic.

The idea is to help law enforcement officials track down child pornographers. But some see it as another step toward total surveillance of citizens -- joining warrantless wiretapping, secret scrutiny of library records and unfettered access to e-mail as another power that could be abused.
"I don't think it's realistic to think that we would create this enormous honeypot of information and then say to the FBI, 'You can only use it for this narrow purpose,' " said Leslie Harris, executive director of the Center for Democracy & Technology, a Washington, D.C.-based group that promotes free speech and privacy in communication.
"We have an environment in which we're collecting more and more information on the personal lives of Americans, and our laws are completely inadequate to protect us."
Need to safeguard children
So far, no concrete proposal has emerged, but Attorney General Alberto Gonzales has made it clear that he would like to see quick action.
In testimony before a Senate committee in September, Gonzales painted a disturbing picture of child pornography on the Web.
But federal agents and prosecutors are hampered in their investigations because Internet companies don't routinely keep records of their traffic, he told the committee.
Gonzales also pushed for Internet records tracking in a speech at the National Center for Missing and Exploited Children in April.
"Privacy rights must always be accommodated and protected as we conduct our investigations," he said.
But, he said, "the investigation and prosecution of child predators depends critically on the availability of evidence that is often in the hands of Internet service providers.
"This evidence will be available for us to use only if the providers retain the records for a reasonable amount of time."
Rationales differ
Internet service providers typically keep records of Web traffic for 30 to 90 days, as a way to trace technical glitches. Many ISPs and privacy advocates say it's already easy for government agents to get the information they need to investigate crimes.
The FBI, without a court order, can send a letter to any Internet provider ordering it to maintain records for an investigation, said Kevin Bankston, an attorney for the Electronic Frontier Foundation, a San Francisco-based group that promotes free speech and privacy on the Web.
"If this passes, there would be a chilling effect on free speech if everyone knew that everything they did on the Internet could be tracked back to them," Bankston said.
The government has offered differing rationales for its data-retention plan, said Harris, the privacy advocate.
"I've been in discussions at the Department of Justice where someone would say, 'We want this for child protection.' And someone else would say 'national security,' and someone else would say, 'computer crimes,' " Harris said.
Types of records unclear
There are questions about what records would be kept, said David McClure, president of the U.S. Internet Industry Association, a Virginia-based group that represents about 800 ISPs.
Is it a log of every Web site a user visits? Is it the actual content of e-mails and other Internet communications? Nobody in the government has offered specifics, he said.
"When we go to them for specifics, they start shuffling and hemming and hawing, and the issue goes away until the attorney general gives another speech," he said.
"This is all being driven by a political need, not a law enforcement need."
Kathleen Blomquist, a Department of Justice spokeswoman, wouldn't comment on specific proposals for tracking.

[Crafty_Dog]

EditorialTwitter Tapping Sign in to Recommend
Published: December 12, 2009
The government is increasingly monitoring Facebook, Twitter and other social networking sites for tax delinquents, copyright infringers and political protesters. A public interest group has filed a lawsuit to learn more about this monitoring, in the hope of starting a national discussion and modifying privacy laws as necessary for the online era.

Law enforcement is not saying a lot about its social surveillance, but examples keep coming to light. The Wall Street Journal reported this summer that state revenue agents have been searching for tax scofflaws by mining information on MySpace and Facebook. In October, the F.B.I. searched the New York home of a man suspected of helping coordinate protests at the Group of 20 meeting in Pittsburgh by sending out messages over Twitter.

In some cases, the government appears to be engaged in deception. The Boston Globe recently quoted a Massachusetts district attorney as saying that some police officers were going undercover on Facebook as part of their investigations.

Wired magazine reported last month that In-Q-Tel, an investment arm of the Central Intelligence Agency, has put money into Visible Technologies, a software company that crawls across blogs, online forums, and open networks like Twitter and YouTube to monitor what is being said.

This month the Electronic Frontier Foundation and the Samuelson Law, Technology and Public Policy Clinic at the University of California, Berkeley, School of Law sued the Department of Defense, the C.I.A. and other federal agencies under the Freedom of Information Act to learn more about their use of social networking sites.

The suit seeks to uncover what guidelines these agencies have about this activity, including information about whether agents are permitted to use fake identities or to engage in subterfuge, such as tricking people into accepting Facebook friend requests.

Privacy law was largely created in the pre-Internet age, and new rules are needed to keep up with the ways people communicate today. Much of what occurs online, like blog posting, is intended to be an open declaration to the world, and law enforcement is within its rights to read and act on what is written. Other kinds of communication, particularly in a closed network, may come with an expectation of privacy. If government agents are joining social networks under false pretenses to spy without a court order, for example, that might be crossing a line.

A national conversation about social networking and other forms of online privacy is long overdue. The first step toward having it is for the public to know more about what is currently being done. Making the federal government answer these reasonable Freedom of Information Act requests would be a good start.

[G M]

How would being undercover in real life be different than being U/C online?

[Crafty_Dog]

      Eric Schmidt on Privacy



Schmidt said:

     I think judgment matters. If you have something that you don't
     want anyone to know, maybe you shouldn't be doing it in the first
     place. If you really need that kind of privacy, the reality is
     that search engines -- including Google -- do retain this
     information for some time and it's important, for example, that we
     are all subject in the United States to the Patriot Act and it is
     possible that all that information could be made available to the
     authorities.

This, from 2006, is my response:

     Privacy protects us from abuses by those in power, even if we're
     doing nothing wrong at the time of surveillance.

     We do nothing wrong when we make love or go to the bathroom. We
     are not deliberately hiding anything when we seek out private
     places for reflection or conversation. We keep private journals,
     sing in the privacy of the shower, and write letters to secret
     lovers and then burn them. Privacy is a basic human need.

     [...]

     For if we are observed in all matters, we are constantly under
     threat of correction, judgment, criticism, even plagiarism of our
     own uniqueness. We become children, fettered under watchful eyes,
     constantly fearful that -- either now or in the uncertain future
     -- patterns we leave behind will be brought back to implicate us,
     by whatever authority has now become focused upon our once-private
     and innocent acts. We lose our individuality, because everything
     we do is observable and recordable.

     [...]

     This is the loss of freedom we face when our privacy is taken from
     us. This is life in former East Germany, or life in Saddam
     Hussein's Iraq. And it's our future as we allow an ever-intrusive
     eye into our personal, private lives.

     Too many wrongly characterize the debate as "security versus
     privacy." The real choice is liberty versus control. Tyranny,
     whether it arises under threat of foreign physical attack or under
     constant domestic authoritative scrutiny, is still tyranny.
     Liberty requires security without intrusion, security plus
     privacy. Widespread police surveillance is the very definition of
     a police state. And that's why we should champion privacy even
     when we have nothing to hide.

Schmidt's remarks:
http://gawker.com/5419271/google-ceo-secrets-are-for-filthy-people

My essay on the value of privacy:
http://www.schneier.com/essay-114.html

See also Daniel Solove's "'I've Got Nothing to Hide' and Other
Misunderstandings of Privacy."
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=998565

[G M]

Ok, that's a non-answer.

[Crafty_Dog]

Published: December 25, 2009
The Ohio Supreme Court has struck an important blow for privacy rights, ruling that the police need a warrant to search a cellphone. The court rightly recognized that cellphones today are a lot more than just telephones, that they hold a wealth of personal information and that the privacy interest in them is considerable. This was the first such ruling from a state supreme court. It is a model for other courts to follow.

PrivacySearches generally require warrants, but courts have carved out limited categories in which they are not needed. One of these is that police officers are allowed, when they arrest people, to search them and the area immediately surrounding them, as well as some kinds of containers in their possession.

When the police arrested Antwaun Smith on drug charges they seized his cellphone and searched it, examining his call records. The police did not have a warrant or the consent of Mr. Smith.

The Ohio Supreme Court ruled this month, by a 4-to-3 vote, that the search violated the Fourth Amendment’s protection against unreasonable search and seizure. Rather than seeing a cellphone as a simple closed container, the majority noted that modern cellphones — especially ones that permit Internet access — are “capable of storing a wealth of digitized information.”

This is information, the court said, for which people reasonably have a high expectation of privacy, and under established Fourth Amendment principles, police officers must get a search warrant before they can look through call logs or examine other data. The court wisely decided that it made no sense to try to distinguish among various kinds of cellphones based on what specific functions they have. All cellphones, the court said, fall under the search warrant requirement.

Few federal courts have considered the issue of cellphone searches, and they have disagreed about whether a warrant should be required. The Ohio ruling eloquently makes the case for why the very personal information that new forms of technology aggregate must be accorded a significant degree of privacy.

[Body-by-Guinness]

Not that I doubt the whiz kids at Fort Meade haven't done it already. . . .

After 21 Years, GSM Encryption is Cracked Putting 3.5B Users at Risk
Jason Mick (Blog) - December 29, 2009 9:04 AM


The cat's out of the bag -- after 28 years the 64-bit A5/1 algorithm that encrypts over 3.5 billion users' cell phone traffic, has been cracked and the results published.  (Source: Suldog)
 Cell phone industry group calls the research "illegal"; insists that there is little threat

For 21 years, the same encryption algorithm, A5/1, has been employed to protect the privacy of calls under the Global Systems for Mobile communications (GSM) standard.  With the GSM standard encompassing 80 percent of calls worldwide (AT&T and T-Mobile use it within the U.S.) -- far more than the leading rival standard CDMA -- this could certainly be considered a pretty good run.  However, someone has finally deciphered and published a complete analysis of the standard's encryption techniques in an effort to expose their weaknesses and prompt improvement.

Karsten Nohl, a 28-year-old German native, reportedly cracked the code and has published his findings to the computer and electronics hacking community.  Mr. Nohl, who cites a strong interest in protecting the privacy of citizens against snooping from any party, says that his work showcases the outdated algorithms' flaws.

At the Chaos Communication Congress, a four-day conference of computer hackers that runs through Wednesday in Berlin, he revealed his accomplishments.  He describes, "This shows that existing GSM security is inadequate.  We are trying to push operators to adopt better security measures for mobile phone calls."

The GSM Association, the London-based group that developed the standard and represents wireless companies, was quick to blast the publication calling Mr. Nohl's actions illegal and counterintuitive to the desire to protect the privacy of mobile phone calls.  However, they insist that the publication in no way threatens the standard's security.

Claire Cranton, an association spokeswoman, confirmed that Mr. Nohl was the first to break the code, commenting, "[Security threats from the publication of this standard are] theoretically possible but practically unlikely.  What he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me."

Mr. Nohl attended college in the U.S. and received a PhD in computer engineering from the University of Virginia.  Via a similar publication, he managed to convince the DECT Forum, a separate standards group based in Bern, to upgrade its own security algorithm, improving the protection to the standard's 800 million customers in the process.

And while the trade group is only on yellow alert, some security experts disagree with the group's threat analysis, as well, saying the threat could be far more serious.  One expert suggested that calls may soon need to be scanned for malicious activity, much as an antivirus scanner works on a computer.

Stan Schatt, a vice president for health care and security at the technology market researcher ABI Research in New York, opines, "Organizations must now take this threat seriously and assume that within six months their organizations will be at risk unless they have adequate measures in place to secure their mobile phone calls."

The process of cracking the algorithm involved the help of 24 members of the Chaos Computer Club in Berlin, who helped generate the random combinations needed to try and reproduce the standard's code book, so to speak.  The vast log of binary combinations forms the basis of the A5/1 encryption -- and how to undo it.  And it's now on torrents worldwide.

Despite that, Mr. Nohl insists that his actions aren't illegal.  He says he took great precautions to make sure his work was kept purely academic, in the public domain, and that it was not used to crack any actual digital telephone calls.  He states, "We are not recommending people use this information to break the law.  What we are doing is trying to goad the world’s wireless operators to use better security."

A5/1 is a 64-bit security algorithm.  Despite this particular algorithm's run, 64-bit encryption is considered weaker by today's standards.  Today 128-bit algorithms are considered to be strong enough to protect most data.  The GSM Association has devised a 128-bit successor to A5/1, dubbed A5/3, but it has failed to push the standard out across much of the industry.

The Association claims that there's little danger of calls being intercepted as hackers would have to pick one call stream out of thousands at a cell phone tower.  They say that this would take prohibitively expensive sophisticated equipment and software.  Security experts disagree with this assessment -- including Mr. Nohl who pointed out that there was a wealth of open source software and cheap equipment to accomplish exactly those sort of objectives. 

Simon Bransfield-Garth, the chief executive of Cellcrypt, a company based in London that sells software, agrees, saying that the publications opens call interception to "any reasonable well-funded criminal organization".  He adds, "This will reduce the time to break a GSM call from weeks to hours.  We expect as this further develops it will be reduced to minutes."

Why is that a big deal?  Over 3.5 billion people use GSM worldwide, including 299 million in North America.

http://www.dailytech.com/article.aspx?newsid=17236

[Crafty_Dog]

http://www.youtube.com/watch?v=ETrc-ums8_U

[G M]

OMG! The police have aircraft!!!!   

[G M]

[Crafty_Dog]

GM:

That's very funny , , , and utterly non-responsive to the real issues presented.

With this we will be on the slippery slope to being watched all the time everywhere.

I didn't like this when I read Orwell's 1984, and I don't like it now. 

I don't think the Founding Fathers would put up with it ither.

[G M]

NYPD started the first police aviation unit in 1919.



The Houston Police Helicopter Division was establish in 1970. The Helicopter Division's first helicopters were model 300c Hughes crafts. The Police Museum has an earlier style police helicopter hanging from the ceiling. The craft is called a "FOX" because of the call numbers on the tail of all HPD Helicopters. All HPD craft markings end with the letter "F." The Military alphabet uses this letter in conjunction with the word Fox. Thus, 53Fox would be the radio call numbers for the craft that now hangs in the museum.

[G M]

Since law enforcement has been using aircraft for close to a century, what's the crisis now?

[Crafty_Dog]

The problem is this:

Due to the acclerating march of technology and its geometrically accelerating decline of its costs, it becomes possible to have an all seeing all recording Big Brother state.

[G M]

Funny, more than a few law enforcement agencies are cutting back/eliminating their aviation programs due to budget cuts. I doubt the unmanned aircraft are anywhere near cheap.

[G M]

SoCal is famous for it's use of police helicopters. Do you feel oppressed?

[G M]

So, police pilot in aircraft, ok, but police pilot not in aircraft, scary orwellian development?

[Crafty_Dog]

More good wit GM, you're on a roll.

Lets see where this leads.

Ultimately, yes.

I reject utterly the notion that if I am doing nothing wrong I have nothing to fear.  Maybe I want to pick my nose, or scratch my ass.  Maybe I want to have great sex in the middle of a field.   Maybe I just want to act in ways I don't want others to see.

If a policeman is sitting on the traffic light, I know he is there.  If there is some mini-high-tech camera, I probably don't know I am being watched.  From a human and budgetary POV, it is impossible to put a policeman on every traffic light.  In contrast t is quite easy to put a camera on every light and every corner.  Just look at the UK.

If there is a helicopter with a policeman in it, from a human and budgetary POV, there is a limit to how many helicopters buzzing around there will be.  A drone costs a tiny fraction of a helicopter to buy and to operate-- and as a practical matter we the American people, a people who have fought to establish our freedom, will not know whether we are being watched or not. 


With this, we enter the landy of the creepy and the Orwellian.

[G M]

Maybe I want to pick my nose, or scratch my ass.  Maybe I want to have great sex in the middle of a field.   Maybe I just want to act in ways I don't want others to see.

**The fouth requires a reasonable expectation of privacy. Nose picking, ass scratching or sex in a public location has no reasonable expectation of privacy.**

If a policeman is sitting on the traffic light, I know he is there. 

**Much of the time traffic enforcement is being done, you don't see the cop that's seeing you. Nothing new there.**

If there is some mini-high-tech camera, I probably don't know I am being watched.  From a human and budgetary POV, it is impossible to put a policeman on every traffic light.  In contrast t is quite easy to put a camera on every light and every corner.  Just look at the UK.

**I like red light cameras, if used in the right way. As far as the UK putting cameras everywhere, I recently read something that said that as far as a tool for reducing crime, it's a flop.**

If there is a helicopter with a policeman in it, from a human and budgetary POV, there is a limit to how many helicopters buzzing around there will be.  A drone costs a tiny fraction of a helicopter to buy and to operate-- and as a practical matter we the American people, a people who have fought to establish our freedom, will not know whether we are being watched or not. 


With this, we enter the landy of the creepy and the Orwellian.

[Crafty_Dog]

"**The fouth requires a reasonable expectation of privacy. Nose picking, ass scratching or sex in a public location has no reasonable expectation of privacy.**

If no one is in sight, or if I am on private property bounded by a solid fence, I should be able to blissfully pick my nose, scratch my ass, get great fellatio, etc without wondering if some eye in the sky is watching.

[G M]

So, you want to ban all aircraft?

[Crafty_Dog]

Aircraft I can see.  No worries-- though when armed with technology that enables high res photos from far away, that too becomes a problem.

Unmanned drones designed to hang out and spy generally undetected, generally I have a big problem.

[G M]

The irony seemingly missed by you, the tv news and the tinfoil hat youtube poster is that the media has helicopters with cameras that allow them to fly and photograph just as police aircraft do. Modern cameras allow closeup still and video to be taken from distances where the helo can't be seen or heard. This could allow for you to be seen getting a Clinton in your back yard.

[Crafty_Dog]

I don't like what I read about the level of surveillance in the UK and I don't want it here.   

Anyway, I suspect we will continue to go around the mulberry bush on this one with each having little persuasive effect upon the other and so, for now  will sign off. 

[G M]

Trotting a beat in San Francisco
Delfin Vigil

Sunday, October 2, 2005

"I was patrolling down on Ocean Beach when a homeless guy came up to me and the horse and said, 'Man, you horse cops have got like a totally different vibe than the cops down in the Tenderloin,' " remembers Downs, smiling.

"You know, he's probably right. Because in all my years of being in a patrol car, nobody ever came up to me just to say hello. Now it happens every day."

Once SFPD police officers become eligible, they always add their names to the bottom of a long waiting list in hopes of becoming an officer in the country's second-oldest mounted patrol unit, according to Downs.

"Let's just say it was hardly a spur-of-the-moment decision to join," admits the no-pun-intended sergeant, who was on a waiting list for 13 years.

Officially founded in 1872 (two years after New York City's), the mounted patrol unit has been trotting through the city's streets fighting and preventing crime in three centuries. While in its -- ahem -- heyday, there were upward of 30 badge-wearing horses, and although at one point every substation in the city had horses, there are only 13 on-duty patrol ponies left at the department's stables in Golden Gate Park.

There have been attempts to close the unit, including budget-crunching efforts from former Mayor Art Agnos and a proposition put on the 1988 ballot by real estate investor Nicholas Roomel.

"For too long the city of St. Francis has been forced to watch disgusting, undiapered horses annoying the public littering the streets, parks and beaches with excrement," wrote Roomel in his losing argument, which cost $10,000 in campaign funding to defeat.

Although some critics write off the mounted patrol as a chance for police officers to joyride through the park, many don't realize that the horses are putting their lives at risk.

"During crowd control on New Year's Eve, we'll get drunks throwing champagne bottles and other sharp objects right at the horses' faces," says Downs. "We've even had people pick up entire police barricades and throw them at us."

Crowd control is where the horses come in especially handy, because they have the ability to be imposing without being threatening, says Downs.

During one of the initial and largest protests against the current war in Iraq, the mounted patrol unit was brought in to help the first officers on the scene, who were being backed in and surrounded by protesters near Third and Market streets.

"Eleven horses were brought in to save the officers," remembers Downs. "We were able to part the sea of protesters without hitting, stepping on or even touching a single person. That's the beauty of the horse."

All 13 horses on patrol are geldings (neutered males) and include Clydesdale mixes, American quarter horses and Tennessee walkers. Long before they join the force, candidates are spotted for personality traits that would make them good horse police officers. Being calm, curious and affectionate with people is a must. But always following strict orders and going through an intense noise desensitization training is even more important before a horse can take on the noisy and unpredictable streets of San Francisco.

Aggressive dogs are probably the biggest danger to the four-legged officers.

In November 2003, a woman was walking Nettie, a pit bull mix, in Golden Gate Park when she decided to take off the dog's leash to let it play with other dogs. But instead it went after police horse AAA Andy.

AAA, who is not in the insurance business but was given to the department by the company, was bitten several times in the belly and legs by the dog, which continued to chase him for about a half mile as AAA Andy tried to find his way back to the stables. The officer was thrown to the ground during the frenzy. Another officer had to shoot the dog (who survived) to stop the attack.

AAA Andy went on disability for a couple of months. Within weeks of being back on the job he was in the news again for galloping down the "Spider-Man" burglar who had a record of more than 60 acrobatic burglaries through skylights and ventilation shafts in Sunset District buildings. This time, "Spider-Man," a.k.a. 27-year-old Kristian Kwon Marine, was on the run after snatching a purse at a cafe on Ninth Avenue and Irving Street. With only a good old-fashioned "he went thataway," tip, AAA and Officer Kaan Chin chased the burglar down in a field in Golden Gate Park.

"What people don't always understand is that most of what all police officers do involves crime prevention," says Kaan, who still rides AAA Andy. "But these horses are very capable of fighting crime in heat-of-the-moment ways as well. Once that saddle is put on, their personalities change and they are ready to work."

Like all police fraternities, the horses occasionally don't get along and even give each other some grief. No doubt the General, an American quarter horse with seven years on the force, had to put his tail between his legs when his corral compadres heard what happened to him.

"We tied him near Ninth Avenue during a break, and some idiot jumped on and rode him across the street," remembers Downs, a little embarrassed for the General. "That guy was so far gone no psychiatrist would have said he was sane in court," Downs says about the General's rogue rider, as any good cop would to defend a buddy with a wounded ego.

E-mail Delfin Vigil at dvigil@sfchronicle.com.

This article appeared on page PK - 23 of the San Francisco Chronicle



Read more: http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2005/10/02/PKG6CEU8GT1.DTL#ixzz0bmrk4b8i

[G M]

Oh yeah, horses are cute. Don't buy into the propaganda, man.

Who had horses? The nazis! Yeah, that's right. Who else has horses? The UK! See the connections? It's all becoming more clear by the moment. First come the horses, then the cops get aircraft, next thing you know, you can't get a filthy sanchez in your backyard without some fascist jackboot clomping by on his "cute and fuzzy" POLICE HORSE!

I know the founding fathers would never tolerate the government having horses.....

[Body-by-Guinness]

What's that saying about beating a dead horse?

[G M]

Go ahead and mock the looming threat to privacy and freedom that horses present. Don't say I didn't warn you when they crush the constitution under their steely hooves!

[Crafty_Dog]

Well, we have half of one in the White House right now so you are more right than you realize

[G M]

Aha! Vindication! 

[G M]

http://www.nytimes.com/2010/01/11/business/11drone.html?pagewanted=all

Military Is Awash in Data From Drones
By CHRISTOPHER DREW
Published: January 10, 2010

HAMPTON, Va. — As the military rushes to place more spy drones over Afghanistan, the remote-controlled planes are producing so much video intelligence that analysts are finding it more and more difficult to keep up.

Daniel Rosenbaum for The New York Times
Col. Daniel R. Johnson, right, in the intelligence center at Langley Air Force Base in Hampton, Va., where analysts watch every second of drones’ video footage live as it is streamed there.

Daniel Rosenbaum for The New York Times
Airmen received a pre-mission briefing at Langley Air Force Base in Hampton, Va. They meld information from Predator drones, U-2 spy planes and other sources from Afghanistan and Iraq.

 
Air Force drones collected nearly three times as much video over Afghanistan and Iraq last year as in 2007 — about 24 years’ worth if watched continuously. That volume is expected to multiply in the coming years as drones are added to the fleet and as some start using multiple cameras to shoot in many directions.

A group of young analysts already watches every second of the footage live as it is streamed to Langley Air Force Base here and to other intelligence centers, and they quickly pass warnings about insurgents and roadside bombs to troops in the field.

But military officials also see much potential in using the archives of video collected by the drones for later analysis, like searching for patterns of insurgent activity over time. To date, only a small fraction of the stored video has been retrieved for such intelligence purposes.

Government agencies are still having trouble making sense of the flood of data they collect for intelligence purposes, a point underscored by the 9/11 Commission and, more recently, by President Obama after the attempted bombing of a Detroit-bound passenger flight on Christmas Day.

[Crafty_Dog]

Creditworthy? Lenders delve into your social networks

January 21, 2010 - 6:00am


Lenders are using social graphs to determine how creditworthy you are. (Getty Images)

UNDATED - Your social networking chit-chat could have an impact on your credit - specifically on whether banks think you are worthy of a loan.
Creditors are checking out what you post to your Facebook and Twitter accounts. They're checking out who your friends are and who the people are in your networks.

The presumption is that if your friends are responsible credit cardholders and pay their bills on time, you could be a good credit customer, according to CreditCards.com.

A company called San Francisco-based company Rapleaf monitors what people tweet or post on Facebook and compiles what it calls social graphs of your likes, dislikes, strengths and weaknesses.

Lenders say having a wide network of friends can expedite getting a loan, while discrepancies between your loan application and your Facebook wall information can raise red flags. Negative comments about your business also can impact your creditworthiness.

Joel Jewitt, vice president of business development of Rapleaf, says creditors aren't accessing the credit reports of your online friends and aren't using the data to find reasons to reject customers.

While lenders say they are using the information for marketing purposes -- to find out what you may like based on what your friends like, the idea of data mining beyond your credit score raises privacy concerns. Some consumer advocates say people may not realize how important their privacy settings are.

You may want to check out the profiles of the folks you friend and delete people you think could potentially damage your credit or employment reputation.

And, of course, you want to remember that what you post is public.
(Copyright 2010 by WTOP. All Rights Reserved.)

[Crafty_Dog]

From a thread started by our friend Cold War Scout on another forum:

Surveillance Cameras: How Does the Operator Contend With Them?

--------------------------------------------------------------------------------
I am posting this article because it is an example of the informal network of video cameras that exists out there in urban areas. It does not matter whether you like surveillance cameras or not, they are out there. Any police department worth its salt has figured out what level of connectivity exists out there which they can use as the basis for trying to determine a suspect's movements to/from a crime scene. Sometimes this allows for determining which vehicle a suspect ultimately got into (e.g. a parking lot) because the "network" only needs to track you to a point where an indentification can be established.

Ergo, when you talk about throw downs and throw aways, or smoking a dirtbag and simply fleeing, keep in mind that you could have the effectiveness of this informal network hanging over your head.


Police capture student's accused rapist
Scott McCabe
Examiner Staff Writer
January 28, 2010
Montgomery County police arrested a man accused of the sexual assault of a 19-year-old student, capping off a five-hour manhunt and the temporary lockdown of Montgomery College's Takoma Park campus. Nathaniel L. Hart, 34, was charged with two counts of first-degree rape, first-degree sexual offense and attempting to escape after arrest. Authorities shut down the campus around 3:30 p.m. Tuesday after a student reported that she had been raped in the bathroom of the performing arts center.Video footage led police to the Days Inn in Silver Spring, where they arrested Hart after officers noticed an open door of a room that hotel management said had been vacant.

Read more at the Washington Examiner: http://www.washingtonexaminer.com/local/crime/Police-capture-student_s-accused-rapist-82808167.html#ixzz0e0wRBqqb
============

You might be well served right now to try and figure out where cameras are located in the areas you frequent and whether/how it is possible to avoid them (e.g. shopping centers, malls, traffic cameras on the main road outside your house).

There is a reason why talented bandits where layers of clothing. Police are looking for a man with a long sleeve blue flannel shirt, but bandit has pulled that off, thrown it away, and is now down to maybe long sleeve (or short sleeve) gray t-shirt. Same with pants. What started out as gray fleece sweat pants may wind up as blue jeans.

Hoodies and watch caps can be worth their weight in gold. Especially if you have flaming red hair or a Mohawk. Hoodies also seriously cut down the available angles and lighting in photo enhancements.

Is the logo on your jacket or shirt very distinctive or memorable? It might be to witnesses or a camera enhancement as well.

Are you driving a flaming red Hummer (or one of those yellow ones I see so many of)?

Wearing distinctive boots with a distinctive print? Running across a muddy field to your car?

So what thoughts come to YOUR mind as/if you need to successfully urban E and E?
===========

We put in a lot of these systems.

The factors that affect their usefulness for both actionable and forensic intel are:

1. Are the systems properly monitored?
2. Are they maintained?
3. Are they cohesive systems - ie all on one media server?
4. Do they store the video? Many places just store one day or not at all.
5. Do they have active detection software running? ( ie looks for a stopped car?)

Most university campuses have one system and its easy to put all cameras of interest on one pane of glass and then roll forward from a point in time. Universities are pretty good at 1-4. If they have a Dispatch/Security team looking at the systems actively, then they can respond pretty quick.

Many government agencies from airports to towns are not very good at 1-4. If they do 1-4 internally, then the chance is greater that the system is subpar - if they contract out the work of 1-4 then there is a greater chance its pretty good.

You could always slop some material on a camera and then come back a week later to see if they have cleaned it. If not, then the system is probably not a good one.

Public transit is the worst environment for tracking people. Most systems are not integrated because they are so big and there are too many people and they then dissappear into the urban environment.

Many urban roads have an ITS ( Intelligent Transportation System) running which has #5 - that detects stalled vehicles and some types of debris. Some will detect people on the road, too. Some campuses and other installations will detect movement as well.

If you had to do something specific, then you can create blind spots a few days before by disabling the systems in a random matter to reduce focus on your area of interest. You can use lasers or high power LED lights to disable the cameras in real time but would need to test this before hand on models under your control. Some cameras are wireless and you can jam their signals. Others will PTZ ( Pan-Tilt-Zoom) on movement.

These systems are not the all-seeing eyes.
=================

[Crafty_Dog]

An interesting analysis of the current state of affairs.  Of course there is also the question of where things are headed , , ,
=============

What I believe that ___ is talking about here is NOT that someone can do a "Criminal Minds" style trace you across three continents using video footage hacked from random sources after identifying you by comparing a single grainy image against every drivers license database. That can't be done *yet*, and we're quite a ways from it.

What *can* happen is that some incident comes to the police's attention in front of the Licquor Store on State St. and Broadway. They know that the parking garage across the street has video cameras for liability. It shows the event and some amorphous blob about 5'6-6 foot walking away (and yes, knowing the height and angle of the camera, the distance to the event, and the height of one or more objects in the for and background they can, depending on image clarity get a LOT closer than that). This doesn't help them much, but they know there is another parking garage 1/2 block west, and licquor store with a couple of cameras in the parking lot 1/2 block east.

They also know the time, and approximately how long it takes to walk that far. So they don't have to scan a lot of video, maybe 10 minutes (more if the clocks are significantly off). If they see Mr. Blob on one video they move to the next camera that direction, establishing a route and asking questions along the way.

Given the proliferation (due to Moore's Law if nothing else) of video cameras all they have to do is stroll possible routes with an eye for video cameras. I'm betting you'll find them over watching alleys (to watch for employee pilferage and for employee security), loading docks etc. as well as front doors.

And on NONE of these are they really all that concerned with getting a good picture of your face. If they do, bonus. As long as they can track you, that's good enough. Eventually they'll find something, a store you ducked in to to buy a soda, or a car with a license plate or *something*.

Even in residential neighborhoods people are starting to monitor their houses and the streets ( http://www.safemart.com/category-Sec...meras-6835.htm ) and sometimes the cops know about it. Since these folks are buying consumer grade stuff it's *better* video than what the stores are putting in, but has a shorter lifespan, so it gets replaced every 3-4 year with BETTER stuff. And when they hear that the police are looking for any information on who killed Officer Joe Hero with three kids and who fled down Broadway in a blue car, they pull up their video and there you are. And their neighbor, who also has a system has a different angle and knows a guy on the next block...

You're also going to have about 1/2 the people filming/taking your picture on their cellphone.

And then they show these to a sketch artist.

And when they *catch* you, unless you're either well practiced, or a sociopath, if they have enough evidence to question you, they will find *some* handle to question you further.

Note that none of this has anything to do with actually seeing your picture on video.

Some of the tricks mentioned might work, but if they catch you slipping off that nasty overcoat and slipping on a tie, then they'd just change the blob they're looking for. And if they DO find some way to prove that blob was you, they just proved intent--otherwise you'd not have prepared a disguise ahead of time.

If something happens that you didn't expect and you need to flee the law you'd best just keep running until you're in a jurisdiction that doesn't have and extradition treaty, hope that the event is below the police's radar, or is sufficiently political that you can flee somewhere and ask for political asylum.

Seriously, if you act in accordance with the law, and act, to the extent the law allows, in a moral manner then either your best bet is to stay on scene and act like you did the right thing, or if the local gendarmes are corrupt to the point where that's not possible, then you're back to fleeing the jurisdiction. The only possible alternative is to get to your lawyers and arrange to turn yourself in to a different LEA, as an example if you had to shoot a dirty cop, you turn yourself in to the FBI, or if you had to shoot a sheriff who was doing Bad Things then go to the city police.

[Body-by-Guinness]

Retroactive Surveillance Immunity, Obama Style

Posted by Julian Sanchez

There’s a lot to unpack in the Office of the Inspector General’s blistering 300-page report on illegal FBI abuse of surveillance authority issued last month, but I want to highlight one especially worrisome aspect, about which I spoke with The Atlantic’s Marc Ambinder earlier today.

The very short version of the report’s background finding is that, for several years, analysts at the FBI blithely and illegally circumvented even the minimal checks on their power to demand telephone records under the PATRIOT Act. I’ll go into this further in a future post, but there are strong indicators that the agents involved knew they were doing something shady. Thousands of records were obtained using a basically made-up process called an “exigent letter” wherein they ask for records with what amounts to an IOU promising legitimate legal process any day now. (In many of those cases, the legitimate legal process would not actually have been available for the records obtained.) Still more disturbing, an unknown number of records were obtained without even this fictitious process: Agents simply made informal requests verbally, by e-mail, or via post-it note. And hey, why bother with subponeas or National Security Letters when you can just slap a sticky on someone’s monitor?

Treated to a preview of the OIG’s damning conclusions, the FBI was eager to find some way to cover its massive lawbreaking. So they apparently crafted a novel legal theory after the fact, in hopes of finding some way to shoehorn their actions into federal privacy statutes.  On January 8—as in four weeks ago, years after the conduct occurred—the Office of Legal Counsel seems to have blessed the FBI’s theory, which unfortunately remains secret.  Democratic Sens. Russ Feingold, Dick Durbin, and Ron Wyden have asked the Justice Department for details, but at present we just don’t know what kind of loopholes DOJ believes exist in the law meant to protect our sensitive calling records.

Communications records are generally protected by Chapter 121 of Title 18, known to its buddies as the Stored Communications Act. The few snippets of unredacted material in the OIG report suggest that the FBI’s argument is that the statute does not apply to certain classes of call records. Presumably, the place to look for the loophole is in §2702, which governs voluntary disclosures by telecom firms.  There is, of course, an exemption for genuine emergencies—imminent threats to life and limb—but these, we know, are not at issue here because most of the records were not sought in emergency situations. But there are a number of other loopholes. The statute governs companies providing electronic communications services “to the public”—which encompasses your cell company and your ISP, but probably not the internal networks of your university or employer. The activity at issue here, however, involved the major telecom carriers, so that’s probably not it. There’s another carve-out for records obtained with the consent of the subscriber, which might cover certain government employees who’ve signed off on surveillance as a condition of employment. We do know that in some cases, the records obtained had to do with leak investigations, but that doesn’t seem especially likely either, since the FBI claims (though the OIG expresses its doubts about the veracity of the claim) that the justification would apply to the “majority” of records obtained.

My current best guess, based on what little we know, is this. The SCA refers to, and protects from disclosure to any “government entity,” the records of “customers” and “subscribers.”  But telecommunications firms may often have records about the calling activity of people who are not the customers or subscribers of that company. For example, reciprocal agreements between carriers will often permit a phone that’s signed up with one cell provider to make use of another company’s network while roaming. When these outside phones register on a network, that information goes to a database called the Visitor Location Register. You could imagine a clever John Yoo type arguing that the SCA does not cover information in the VLR, since it does not constitute a “subscriber” or “customer” record. Of course, it beggars belief to think that Congress intended to allow such a loophole—or, indeed, had even considered such technical details of cell network architecture.

My guess, to be sure, could be wrong. But that just points to the larger problem: The Justice Department believes that some very clever lawyerly reading of the privacy statutes—so very clever that despite the rampant “creativity” of the Bush years, they only just came up with it a few weeks ago—permits the FBI to entirely circumvent all the elaborate systems of checks and balances in place (or so we thought) to protect our calling records. If investigators can write themselves secret exemptions from the clear intent of the law, then all the ongoing discussion about reform and reauthorization of the PATRIOT Act amounts to a farcical debate about where to place the fortifications along the Maginot Line.

http://www.cato-at-liberty.org/2010/02/01/retroactive-surveillance-immunity-obama-style/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Cato-at-liberty+%28Cato+at+Liberty%29

[Rarick]

This is the same arrogant crap the cops pulled in Texas.   Is there a pattern emerging?

[Crafty_Dog]

BBG:

I hope you will be able to stay on top of this story for us as it develops.

Thank you.

[Body-by-Guinness]

I'll try to wade through the report at some point, and will certainly keep track of what's being reported in the Libertarian world. Surprises me that the MSM has so little to say about it.

[Rarick]

the MSM is like the sheep in animal farm, they are so coopted that they do not even realize what they are doing........

The wired article titled "Privacy? it is gone, get over it and move on."  pretty much describes the attitude of most.  Especially the post X generations.

[Body-by-Guinness]

FBI wants to know where you've been on the web

Rick Moran
I guess it had to happen eventually. The FBI wants the authority to order internet service providers to keep customer surfing records for up to two years.

It's "for the children" of course. They say it will be easier to find and track child porn users. Never mind that your surfing history will also tell the feds whether you're a Republican or Democrat, or who your friends are, or what you really think about Obama.

Declan McCullagh of CNET has the details:

As far back as a 2006 speech, Mueller had called for data retention on the part of Internet providers, and emphasized the point two years later when explicitly asking Congress to enact a law making it mandatory. But it had not been clear before that the FBI was asking companies to begin to keep logs of what Web sites are visited, which few if any currently do.
The FBI is not alone in renewing its push for data retention. As CNET reported earlier this week, a survey of state computer crime investigators found them to be nearly unanimous in supporting the idea. Matt Dunn, an Immigration and Customs Enforcement agent in the Department of Homeland Security, also expressed support for the idea during the task force meeting.

Greg Motta, the chief of the FBI's digital evidence section, said that the bureau was trying to preserve its existing ability to conduct criminal investigations. Federal regulations in place since at least 1986 require phone companies that offer toll service to "retain for a period of 18 months" records including "the name, address, and telephone number of the caller, telephone number called, date, time and length of the call."

At Thursday's meeting (PDF) of the Online Safety and Technology Working Group, which was created by Congress and organized by the U.S. Department of Commerce, Motta stressed that the bureau was not asking that content data, such as the text of e-mail messages, be retained.

By all means, give the FBI everything they need - within reason - to conduct criminal investigations. But tracking an individual's website history is pretty far over the line. Anytime the potential for abuse outweighs any possible gains, such an idea should be deep sixed.

Over the next decade, we will have to fight very hard to keep the internet from falling into the hands of statists who would use it to oppress us. The UN will try to take it over. The US government will try to tax it, and perhaps even level a charge for email. Other nations like China will continue to restrict freedom on the net.

All must be resisted if this last, true bastion of unfettered personal liberty and expression is to remain in the hands of the people.




Page Printed from: http://www.americanthinker.com/blog/2010/02/fbi_wants_to_know_where_youve.html at February 06, 2010 - 04:53:50 PM CST

[Crafty_Dog]

http://news.cnet.com/8301-13578_3-10451518-38.html

Two years ago, when the FBI was stymied by a band of armed robbers known as the "Scarecrow Bandits" that had robbed more than 20 Texas banks, it came up with a novel method of locating the thieves.

FBI agents obtained logs from mobile phone companies corresponding to what their cellular towers had recorded at the time of a dozen different bank robberies in the Dallas area. The voluminous records showed that two phones had made calls around the time of all 12 heists, and that those phones belonged to men named Tony Hewitt and Corey Duffey. A jury eventually convicted the duo of multiple bank robbery and weapons charges.



Even though police are tapping into the locations of mobile phones thousands of times a year, the legal ground rules remain unclear, and federal privacy laws written a generation ago are ambiguous at best. On Friday, the first federal appeals court to consider the topic will hear oral arguments (PDF) in a case that could establish new standards for locating wireless devices.

In that case, the Obama administration has argued that warrantless tracking is permitted because Americans enjoy no "reasonable expectation of privacy" in their--or at least their cell phones'--whereabouts. U.S. Department of Justice lawyers say that "a customer's Fourth Amendment rights are not violated when the phone company reveals to the government its own records" that show where a mobile device placed and received calls.

Those claims have alarmed the ACLU and other civil liberties groups, which have opposed the Justice Department's request and plan to tell the U.S. Third Circuit Court of Appeals in Philadelphia that Americans' privacy deserves more protection and judicial oversight than what the administration has proposed.

"This is a critical question for privacy in the 21st century," says Kevin Bankston, an attorney at the Electronic Frontier Foundation who will be arguing on Friday. "If the courts do side with the government, that means that everywhere we go, in the real world and online, will be an open book to the government unprotected by the Fourth Amendment."

Not long ago, the concept of tracking cell phones would have been the stuff of spy movies. In 1998's "Enemy of the State," Gene Hackman warned that the National Security Agency has "been in bed with the entire telecommunications industry since the '40s--they've infected everything." After a decade of appearances in "24" and "Live Free or Die Hard," location-tracking has become such a trope that it was satirized in a scene with Seth Rogen from "Pineapple Express" (2008).

Once a Hollywood plot, now 'commonplace'
Whether state and federal police have been paying attention to Hollywood, or whether it was the other way around, cell phone tracking has become a regular feature in criminal investigations. It comes in two forms: police obtaining retrospective data kept by mobile providers for their own billing purposes that may not be very detailed, or prospective data that reveals the minute-by-minute location of a handset or mobile device.

Obtaining location details is now "commonplace," says Al Gidari, a partner in the Seattle offices of Perkins Coie who represents wireless carriers. "It's in every pen register order these days."

Gidari says that the Third Circuit case could have a significant impact on police investigations within the court's jurisdiction, namely Delaware, New Jersey, and Pennsylvania; it could be persuasive beyond those states. But, he cautions, "if the privacy groups win, the case won't be over. It will certainly be appealed."

CNET was the first to report on prospective tracking in a 2005 news article. In a subsequent Arizona case, agents from the Drug Enforcement Administration tracked a tractor trailer with a drug shipment through a GPS-equipped Nextel phone owned by the suspect. Texas DEA agents have used cell site information in real time to locate a Chrysler 300M driving from Rio Grande City to a ranch about 50 miles away. Verizon Wireless and T-Mobile logs showing the location of mobile phones at the time calls became evidence in a Los Angeles murder trial.

And a mobile phone's fleeting connection with a remote cell tower operated by Edge Wireless is what led searchers to the family of the late James Kim, a CNET employee who died in the Oregon wilderness in 2006 after leaving a snowbound car to seek help.


"This is a critical question for privacy in the 21st century. If the courts do side with the government, that means that everywhere we go, in the real world and online, will be an open book to the government unprotected by the Fourth Amendment."
--Kevin Bankston, attorney, Electronic Frontier Foundation
The way tracking works is simple: mobile phones are miniature radio transmitters and receivers. A cellular tower knows the general direction of a mobile phone (many cell sites have three antennas pointing in different directions), and if the phone is talking to multiple towers, triangulation yields a rough location fix. With this method, accuracy depends in part on the density of cell sites.

The Federal Communications Commission's "Enhanced 911" (E911) requirements allowed rough estimates to be transformed into precise coordinates. Wireless carriers using CDMA networks, such as Verizon Wireless and Sprint Nextel, tend to use embedded GPS technology to fulfill E911 requirements. AT&T and T-Mobile comply with E911 regulations using network-based technology that computes a phone's location using signal analysis and triangulation between towers.

T-Mobile, for instance, uses a GSM technology called Uplink Time Difference of Arrival, or U-TDOA, which calculates a position based on precisely how long it takes signals to reach towers. A company called TruePosition, which provides U-TDOA services to T-Mobile, boasts of "accuracy to under 50 meters" that's available "for start-of-call, midcall, or when idle."

A 2008 court order to T-Mobile in a criminal investigation of a marriage fraud scheme, which was originally sealed and later made public, says: "T-Mobile shall disclose at such intervals and times as directed by (the Department of Homeland Security), latitude and longitude data that establishes the approximate positions of the Subject Wireless Telephone, by unobtrusively initiating a signal on its network that will enable it to determine the locations of the Subject Wireless Telephone."

'No reasonable expectation of privacy'
In the case that's before the Third Circuit on Friday, the Bureau of Alcohol, Tobacco, Firearms and Explosives, or ATF, said it needed historical (meaning stored, not future) phone location information because a set of suspects "use their wireless telephones to arrange meetings and transactions in furtherance of their drug trafficking activities."

U.S. Magistrate Judge Lisa Lenihan in Pennsylvania denied the Justice Department's attempt to obtain stored location data without a search warrant; prosecutors had invoked a different legal procedure. Lenihan's ruling, in effect, would require police to obtain a search warrant based on probable cause--a more privacy-protective standard.

Lenihan's opinion (PDF)--which, in an unusual show of solidarity, was signed by four other magistrate judges--noted that location information can reveal sensitive information such as health treatments, financial difficulties, marital counseling, and extra-marital affairs.

In its appeal to the Third Circuit, the Justice Department claims that Lenihan's opinion "contains, and relies upon, numerous errors" and should be overruled. In addition to a search warrant not being necessary, prosecutors said, because location "records provide only a very general indication of a user's whereabouts at certain times in the past, the requested cell-site records do not implicate a Fourth Amendment privacy interest."

The Obama administration is not alone in making this argument. U.S. District Judge William Pauley, a Clinton appointee in New York, wrote in a 2009 opinion that a defendant in a drug trafficking case, Jose Navas, "did not have a legitimate expectation of privacy in the cell phone" location. That's because Navas only used the cell phone "on public thoroughfares en route from California to New York" and "if Navas intended to keep the cell phone's location private, he simply could have turned it off."

(Most cases have involved the ground rules for tracking cell phone users prospectively, and judges have disagreed over what legal rules apply. Only a minority has sided with the Justice Department, however.)

Cellular providers tend not to retain moment-by-moment logs of when each mobile device contacts the tower, in part because there's no business reason to store the data, and in part because the storage costs would be prohibitive. They do, however, keep records of what tower is in use when a call is initiated or answered--and those records are generally stored for six months to a year, depending on the company.

Verizon Wireless keeps "phone records including cell site location for 12 months," Drew Arena, Verizon's vice president and associate general counsel for law enforcement compliance, said at a federal task force meeting in Washington, D.C. last week. Arena said the company keeps "phone bills without cell site location for seven years," and stores SMS text messages for only a very brief time.

Gidari, the Seattle attorney, said that wireless carriers have recently extended how long they store this information. "Prior to a year or two ago when location-based services became more common, if it were 30 days it would be surprising," he said.

The ACLU, EFF, the Center for Democracy and Technology, and University of San Francisco law professor Susan Freiwald argue that the wording of the federal privacy law in question allows judges to require the level of proof required for a search warrant "before authorizing the disclosure of particularly novel or invasive types of information." In addition, they say, Americans do not "knowingly expose their location information and thereby surrender Fourth Amendment protection whenever they turn on or use their cell phones."

"The biggest issue at stake is whether or not courts are going to accept the government's minimal view of what is protected by the Fourth Amendment," says EFF's Bankston. "The government is arguing that based on precedents from the 1970s, any record held by a third party about us, no matter how invasively collected, is not protected by the Fourth Amendment."

Update 10:37 a.m. PT: A source inside the U.S. Attorney's Office for the northern district of Texas, which prosecuted the Scarecrow Bandits mentioned in the above article, tells me that this was the first and the only time that the FBI has used the location-data-mining technique to nab bank robbers. It's also worth noting that the leader of this gang, Corey Duffey, was sentenced last month to 354 years (not months, but years) in prison. Another member is facing 140 years in prison.

 Declan McCullagh is a contributor to CNET News and a correspondent for CBSNews.com who has covered the intersection of politics and technology for over a decade. Declan writes a regular feature called Taking Liberties, focused on individual and economic rights; you can bookmark his CBS News Taking Liberties site, or subscribe to the RSS feed. You can e-mail Declan at declan@cbsnews.com.

[Crafty_Dog]

http://www.cbsnews.com/video/watch/?id=6412572n

[Crafty_Dog]

Phone companies know where their customers' cellphones are, often within a radius of less than 100 feet. That tracking technology has rescued lost drivers, helped authorities find kidnap victims and let parents keep tabs on their kids.

But the technology isn't always used the way the phone company intends.

One morning last summer, Glenn Helwig threw his then-wife to the floor of their bedroom in Corpus Christi, Texas, she alleged in police reports. She packed her 1995 Hyundai and drove to a friend's home, she recalled recently. She didn't expect him to find her. The day after she arrived, she says, her husband "all of a sudden showed up." According to police reports, he barged in and knocked her to the floor, then took off with her car.

The police say in a report that Mr. Helwig found his wife using a service offered by his cellular carrier, which enabled him to follow her movements through the global-positioning-system chip contained in her cellphone.

Mr. Helwig, in an interview, acknowledged using the service to track his wife on some occasions. He says he signed up for the tracking service last year. "AT&T had this little deal where you could find your family member through her cellphone," he says. But he didn't use it to find his wife that day, he says. Mr. Helwig, who is awaiting trial on related assault charges, declined to comment further about the matter. He has pleaded not guilty.


The allegations are a stark reminder of a largely hidden cost from the proliferation of sophisticated tracking technology in everyday life—a loss of privacy.

Global-positioning systems, called GPS, and other technologies used by phone companies have unexpectedly made it easier for abusers to track their victims. A U.S. Justice Department report last year estimated that more than 25,000 adults in the U.S. are victims of GPS stalking annually, including by cellphone.

In the online world, consumers who surf the Internet unintentionally surrender all kinds of personal information to marketing firms that use invisible tracking technology to monitor online activity. A Wall Street Journal investigation of the 50 most-popular U.S. websites found that most are placing intrusive tracking technologies on the computers of visitors—in some cases, more than 100 tracking tools at a time.

The cellphone industry says location-tracking programs are meant to provide a useful service to families, and that most providers take steps to prevent abuse. Mike Altschul, chief counsel for wireless-telecommunications trade group CTIA, says recommended "best practices" for providers of such services include providing notification to the person being tracked.

Mr. Helwig's wife had received such a notification, by text message, from AT&T. A spokesman for AT&T Inc. says it notifies all phone users when tracking functions are activated. But users don't have the right to refuse to be tracked by the account holder. Turning off the phone stops the tracking.

Cellphone companies will deactivate a tracking function if law-enforcement officials inform them it is being used for stalking. Mr. Altschul says authorities haven't asked carriers to change their programs. He adds that carriers have long supported programs to give untraceable cellphones to domestic-violence victims.

In Arizona this year, Andre Leteve used the GPS in his wife's cellphone to stalk her, according to his wife's lawyer, Robert Jensen, before allegedly murdering their two children and shooting himself. Mr. Jensen says Mr. Leteve's wife, Laurie Leteve, didn't know she was being tracked until she looked at one of the family's monthly cellphone bills, more than 30 days after the tracking began. Mr. Leteve, a real-estate agent, is expected to recover. He has pleaded not guilty to murder charges, and is awaiting trial. The law firm representing him declined to comment.

In a suspected murder-suicide last year near Seattle, a mechanic named James Harrison allegedly tracked his wife's cellphone to a store. After he found her there with another man, he shot to death his five children and himself, according to the Pierce County Sheriff's Office.

Therapists who work with domestic-abuse victims say they are increasingly seeing clients who have been stalked via their phones. At the Next Door Solutions for Battered Women shelter in San Jose, Calif., director Kathleen Krenek says women frequently arrive with the same complaint: "He knows where I am all the time, and I can't figure out how he's tracking me."

In such cases, Ms. Krenek says, the abuser is usually tracking a victim's cellphone. That comes as a shock to many stalking victims, she says, who often believe that carrying a phone makes them safer because they can call 911 if they're attacked.

There are various technologies for tracking a person's phone, and with the fast growth in smartphones, new ones come along frequently. Earlier this year, researchers with iSec Partners, a cyber-security firm, described in a report how anyone could track a phone within a tight radius. All that is required is the target person's cellphone number, a computer and some knowledge of how cellular networks work, said the report, which aimed to spotlight a security vulnerability.


The result, says iSec researcher Don Bailey, is that "guys like me, who shouldn't have access to your location, have it for very, very, very cheap."

That is, in part, an unintended consequence of federal regulations that require cellphone makers to install GPS chips or other location technology in nearly all phones. The Federal Communications Commission required U.S. cellular providers to make at least 95% of the phones in their networks traceable by satellite or other technologies by the end of 2005. The agency's intention was to make it easier for people in emergencies to get help. GPS chips send signals to satellites that enable police and rescue workers to locate a person.

To a large extent, that potential has been fulfilled. Last year, for example, police in Athol, Mass., working with a cellphone carrier, were able to pinpoint the location of a 9-year-old girl who allegedly had been kidnapped and taken to Virginia by her grandmother. In December, police in Wickliffe, Ohio, tracked down and arrested a man who allegedly had robbed a Pizza Hut at gunpoint by tracking the location of a cellphone they say he had stolen.

Mr. Altschul, of the cellphone-industry trade group, says the tracking technology has been of great help to both law-enforcement officials and parents. "The technology here is neutral," he says. "It's actually used for peace of mind."

But as GPS phones proliferated, tech companies found other uses for the tracking data. Software called MobileSpy can "silently record text messages, GPS locations and call details" on iPhones, BlackBerrys and Android phones, according to the program's maker, Retina-X Studios LLC. For $99.97 a year, a person can load MobileSpy onto someone's cellphone and track that phone's location.



Craig Thompson, Retina-X's operations director, says the software is meant to allow parents to track their kids and companies to keep tabs on phones their employees use. He says the company has sold 60,000 copies of MobileSpy. The company sometimes gets calls from people who complain they are being improperly tracked, he says, but it hasn't been able to verify any of the complaints.

Installing such programs requires a person to physically get hold of the phone to download software onto it.

GPS-tracking systems provided by cellular carriers such as AT&T and Verizon Communications Inc. are activated remotely, by the carriers.

Domestic-violence shelters have learned the consequences. As soon as victims arrive at shelters run by A Safe Place, "we literally take their phones apart and put them in a plastic bag" to disable the tracking systems, says Marsie Silvestro, director of the Portsmouth, N.H., organization, which houses domestic-violence victims in secret locations so their abusers can't find them.

The organization put that policy in place after a close call. On Feb. 26, Jennie Barnes arrived at a shelter to escape her husband, Michael Barnes, according to a police affidavit filed in a domestic-violence case against Mr. Barnes in New Hampshire state court. Ms. Barnes told police she was afraid that Mr. Barnes, who has admitted in court to assaulting his wife, would assault her again.

Ms. Barnes told a police officer that "she was in fear for her life," according to court filings. The next day, a judge issued a restraining order requiring Mr. Barnes to stay away from his wife.

Later that day, court records indicate, Mr. Barnes called his wife's cellular carrier, AT&T, and activated a service that let him track his wife's location. Mr. Barnes, court records say, told his brother that he planned to find Ms. Barnes.

The cellular carrier sent Ms. Barnes a text message telling her the tracking service had been activated, and police intercepted her husband. Mr. Barnes, who pleaded guilty to assaulting his wife and to violating a restraining order by tracking her with the cellphone, was sentenced to 12 months in jail. A lawyer for Mr. Barnes didn't return calls seeking comment.

Another source for cellphone tracking information: systems meant to help police and firefighters. Some cellular carriers provide services for law-enforcement officers to track people in emergencies. Using such systems requires a person to visit a special website or dial a hot-line number set up by the carrier and claim the data request is for law-enforcement purposes.

Cellular carriers say they try to verify that callers are legitimate. An AT&T spokesman says an office is manned around the clock by operators who ask for subpoenas from law-enforcement officials using the system.

But federal law allows carriers to turn over data in emergencies without subpoenas. Al Gidari, a lawyer who represents carriers such as Verizon, says such location-tracking systems can be easy to abuse. Police, he says, often claim they need data immediately for an emergency like a kidnapping, and therefore don't have time to obtain a warrant, in which a judge must approve an information request.

In Minnesota, Sarah Jean Mann claimed last year in a county-court petition for a restraining order that her estranged boyfriend, a state narcotics agent, followed her by tracking her cellphone and accessing her call and location records through such a system. The court issued the restraining order. The boyfriend, Randy Olson, has since resigned from the police force. He didn't respond to calls seeking comment.

Mr. Gidari says law-enforcement's easy access to such data makes the systems easy to abuse. He says carriers would like to have a system in place requiring agents to get warrants. Without such a requirement, there is little carriers can do to resist warrantless requests, say Mr. Gidari and Mr. Altschul of trade group CTIA. Federal law says carriers may comply with such requests, and law-enforcement agencies have pressured them to maintain the tracking systems, Mr. Gidari says.

The easiest way for stalkers to locate a target—and perhaps the most common, say therapists who work with victims and abusers—is by using systems offered by carriers. When cellphone users sign up for a "family plan" that includes two or more phones, they have the option to contact the carrier and activate a tracking feature intended to allow them to keep tabs on their children.

The AT&T FamilyMap program, for example, is free for 30 days and requires only a phone call to activate. "Know where your kids and loved ones are at any time!" says AT&T's website. The system is for parents, says an AT&T spokesman. He says the company hasn't received complaints about FamilyMap being used by stalkers.

The system provides an on-screen map on the smartphone or computer of the person doing the tracking. A dot on the map shows the location and movement of the person being followed. The carrier sends a text-message to the person being tracked that their phone is registered in the program.

These add-on services can be lucrative for carriers. AT&T debuted its FamilyMap system in April 2009. It charges $9.99 a month to track up to two phones, $14.99 for up to five. FamilyMap users must agree to "terms-of-use" stating that they may not use the system to "harrass, stalk, threaten" or otherwise harm anyone.

In Corpus Christi, Mr. Helwig and his wife, who had been married since early 2008, bought phones under an AT&T family plan. Mr. Helwig says he activated the feature last year. His wife says she received a text message that a tracking function had been activated on her phone, but wasn't sure how it was activated. Her husband, she says, initially denied turning on the tracking function.

She says she eventually came up with a plan to flee to the house of a family whose children she baby-sat. Her husband "had no idea where they lived" or even their names, she says. As she was packing, her husband confronted her. They argued, and, according to her statements in police reports, Mr. Helwig dragged her around by her hair.

The police came. She says she told them she didn't want them to arrest Mr. Helwig, that she simply wanted to leave. The police told Mr. Helwig to stay away from her for 24 hours, she says.

As she drove to her friend's house, she says, she made sure her phone was off so Mr. Helwig couldn't track her. But she turned it on several times to make calls. The next day, Mr. Helwig was outside in a rage, according to police reports.

Mr. Helwig forced his way into the house, pushed her to the floor, took her car keys and drove away in her Hyundai, according to police reports.

Police arrested Mr. Helwig a short distance away. Mr. Helwig, a firefighter, is facing charges of assault and interfering with an emergency call. His trial is scheduled to begin this summer.

Mr. Helwig and his wife divorced, and she left Corpus Christi. She says she doesn't want to testify against him. She says she is more careful about trusting her cellphone now.

Write to Justin Scheck at justin.scheck@wsj.com

[Body-by-Guinness]

Hacker intercepts phone calls with homebuilt $1,500 IMSI catcher, claims GSM is beyond repair
By Sean Hollister  posted Jul 31st 2010 10:28PM

In 2009, Chris Paget showed the world the vulnerabilities of RFID by downloading the contents of US passports from the safety of his automobile. This year, he's doing the same for mobile phones. Demonstrating at DefCon 2010, the white hat hacker fooled 17 nearby GSM phones into believing his $1,500 kit (including a laptop and two RF antennas) was a legitimate cell phone base station, and proceeded to intercept and record audience calls. "As far as your cell phones are concerned, I'm now indistinguishable from AT&T," he told the crowd. The purpose of the demonstration was highlight a major flaw in the 2G GSM system, which directs phones to connect to the tower with the strongest signal regardless of origin -- in this case, Paget's phony tower.

The hacker did caveat that his system could only intercept outbound calls, and that caller ID could tip off the owner of a handset to what's what, but he says professional IMSI catchers used by law enforcement don't suffer from such flaws and amateur parity would only be a matter of time. "GSM is broken," Paget said, "The primary solution is to turn it off altogether." That's a tall order for a world still very dependent on the technology for mobile connectivity, but we suppose AT&T and T-Mobile could show the way. Then again, we imagine much of that same world is still using WEP and WPA1 to "secure" their WiFi.

http://www.engadget.com/2010/07/31/hacker-intercepts-phone-calls-with-homebuilt-1-500-imsi-catcher/

[Crafty_Dog]

Interesting.

Trivia:  George Gilder called this over ten years ago back when he was evangelizing for Qualcom's technology.

[Body-by-Guinness]

Prepare for Data Tsunami, Warns Google CEO
Google CEO Eric Schmidt says an explosion of data is coming -- and we're totally unprepared to handle the deluge. Here's why he's right.
Dan Tynan, ITworld
Aug 6, 2010 5:09 pm

Google CEO Eric Schmidt had some scary things to say about privacy yesterday. In a nutshell, he said there's an almost incomprehensible amount of data out there about all of us -- much of which we've generated ourselves via social networks, blogs, and so on -- and we are totally unprepared to deal with the implications of that fact.

Schmidt was speaking at the Techonomy confab, currently underway at California's Lake Tahoe, where large-brained people gather to talk about how technology and the economy intersect.

[ See also: Whom do you fear: Apple, Google, Microsoft, or God? ]

Marshall Kirkpatrick of Read Write Web distilled the highlights:

"There was 5 exabytes of information created between the dawn of civilization through 2003," Schmidt said, "but that much information is now created every 2 days, and the pace is increasing...People aren't ready for the technology revolution that's going to happen to them...."

"If I look at enough of your messaging and your location, and use Artificial Intelligence," Schmidt said, "we can predict where you are going to go."

"Show us 14 photos of yourself and we can identify who you are. You think you don't have 14 photos of yourself on the internet? You've got Facebook photos! People will find it's very useful to have devices that remember what you want to do, because you forgot...But society isn't ready for questions that will be raised as result of user-generated content."

Are visions of 2001's HAL 9000 or maybe The Terminator's SkyNet dancing in your head yet? How about Minority Report or Enemy of the State?

In those movies, it was malevolent machines or government agencies that played the boogieman. In Schmidt's scenario, the source of evil is a lot murkier.

Schmidt wasn't really trying to draw disaster scenarios. He noted that a lot of positive benefits can come from the information explosion, and he's right. Personally, if not for the Internet, I might be in another line of work. I'd almost certainly live in another city. Being able to access vast amounts of data without lifting my butt from this ergonomic chair has transformed my life in dozens of ways, as I'm sure it has tranformed others'.

Of course, Google is in the business of monetizing that data, for which it seems to possess an insatiable appetite. And sometimes it screws up big time. Schmidt didn't really talk about that.

The good side of all this data: instant information about virtually anything. The dark side? Vast potential for personal profiling by your employer, your insurer, and The Man.

The fact is, your participation in a political forum might cause someone to not hire you. Your comments to a blog post about a particular medical condition may inspire an insurer to decline coverage. The Web sites you visit, the books you download and the movies you stream could get you on a watchlist -- or worse.

Sound like a paranoid fantasy? It's happened before, in different places and times, in different ways. From now on, though, it will happen via the Net. The stunning profusion of data out there -- and Google's very efficient methods for collecting and organizing that data -- make it all possible.

Schmidt seems like a decent enough guy (though the resemblance to Howdy Doody is a bit unnerving). I don't think he or his company are evil; but I do believe that like most corporations -- and people, for that matter -- Google has its own best interests at heart. Those interests lie in keeping Schmidt's search engine stoked with more and more data.

He's right, though. We're unprepared. And when the data tsunami hits, all of us will get soaked. Hope you brought your all-weather gear.

When not abusing weather metaphors, ITworld TY4NS blogger Dan Tynan keeps the snark engine stoked at eSarcasm (Geek Humor Gone Wild). Follow him on Twitter: @tynan_on_tech.

http://www.pcworld.com/article/202817/prepare_for_data_tsunami_warns_google_ceo.html?tk=hp_new

[G M]

There aren't 14 photos of me on the internet....

[Body-by-Guinness]

I'm sure there's a wisecrack that could spring from that statement.

Hey I've been meaning to mention my shooting instructor ran your pal Radley Balko through a concealed carry for self defense class a couple months back. Said he'd done "okay," which I took to mean another freaking civie who needs a lot more range time.

[G M]

Yes, I keep my face off the net to avoid mass waves of gastric reflux. 

I wish Ol' Radley would pin on a badge for a while to see that things aren't as simple as he thinks. Until then, he's just a virgin discussing the kama sutra.

[Body-by-Guinness]

Wished I'd been there to get a read on Balko. I figured out what my Obama tax break amounts to, pay it monthly to the instructor, and then jump in on any class where there's space available. Would have been amusing to see what Balko's about.